Securing Exchange 2010 with Forefront Threat Management Gateway (TMG) 2010, Part 4 - Installing Forefront Threat Management Gateway

Here we are, Part 4 of the series. To recap what I have done thus far: I’ve installed the Exchange Server Edge role, followed by Forefront Protection 2010 for Exchange Server.

In this part I install TMG 2010 and perform some basic configuration. The minimum system requirements for TMG 2010 can be found on Microsoft TechNet.

To get started, insert your Forefront Threat Management Gateway 2010 installation media and then select “Run Preparation Tool”.

This launches the “Forefront TMG Preparation Tool”. Read through the notes on the welcome screen and click “Next”. Read and accept the License Agreement and click “Next”.

Depending on your environment, select the appropriate Installation Type. I won’t be installing a TMG array, so I selected “Forefront TMG services and Management”. Then click “Next”.

Once all the prerequisite features have been installed, click “Finish” to launch the TMG 2010 installation wizard.

Click “Next” on the welcome screen. Read and accept the License Agreement and click “Next”.

Next you will be presented with the “Customer Information” page with the Product Serial Number. Once you have entered the appropriate details, click “Next” and verify the installation path. Change this as appropriate and click “Next”.

Next we need to define our internal network ranges. Be sure to include all of them there; mine are fairly simple and are all included in the range 172.0.0.0-172.0.0.255.

During the installation, some services will be restarted. Acknowledge this warning by clicking “Next”.

Click “Install” to begin the installation.

Once the installation has completed successfully, click “Finish”.

Congratulations, you now have TMG 2010 installed. Let’s look at some basic configuration. The first time you launch the TMG Management Console, you’ll be presented with the “Getting Started Wizard”. The first step is to “Configure network settings”.

Click “Next” to continue and then select the appropriate network template; you’ll want to select “Edge Firewall” here. It should be noted that the “Single network adapter” template has many limitations and will not work in our scenario. Click here to read more about single network adapter limitations. Click “Next” to continue.

Ensure that your LAN or “Internal” network settings are configured correctly and click “Next”. Note the absence of a “Default Gateway”.

Then, ensure that your Internet or “External” network settings are configured correctly and click “Next”.

Click “Finish” to complete the network setup wizard.
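
The two network details this walkthrough depends on (the internal range entered during setup and the missing default gateway on the “Internal” adapter) can be checked from PowerShell on the TMG server. This is an added example, not part of the original article; it assumes the usual multi-homed layout in which only the “External” adapter carries a default gateway, the range values are the ones quoted above, and the function names are hypothetical.

```powershell
# Added example: sanity-check the adapter layout of an Edge Firewall TMG server.
# Assumption: replace these with the internal range you entered during setup.
$InternalStart = '172.0.0.0'
$InternalEnd   = '172.0.0.255'

function ConvertTo-UInt32 ([string]$Address) {
    # Dotted-quad IPv4 -> integer so addresses can be compared numerically.
    $bytes = [System.Net.IPAddress]::Parse($Address).GetAddressBytes()
    [Array]::Reverse($bytes)                  # network order -> little endian
    [BitConverter]::ToUInt32($bytes, 0)
}

function Test-InRange ([string]$Address, [string]$First, [string]$Last) {
    $a = ConvertTo-UInt32 $Address
    ($a -ge (ConvertTo-UInt32 $First)) -and ($a -le (ConvertTo-UInt32 $Last))
}

# WMI is used so the script also runs on PowerShell 2.0.
$nics = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE')

$report = @($nics | ForEach-Object {
    $nic    = $_
    $ipv4   = @($nic.IPAddress | Where-Object { $_ -match '^\d+(\.\d+){3}$' })
    $inside = @($ipv4 | Where-Object { Test-InRange $_ $InternalStart $InternalEnd })
    New-Object PSObject -Property @{
        Adapter    = $nic.Description
        IPv4       = $ipv4 -join ', '
        Gateway    = @($nic.DefaultIPGateway) -join ', '
        InInternal = ($inside.Count -gt 0)
    }
})

$report | Format-Table Adapter, IPv4, Gateway, InInternal -AutoSize

$withGateway = @($report | Where-Object { $_.Gateway })
$internal    = @($report | Where-Object { $_.InInternal })

if ($withGateway.Count -ne 1) {
    Write-Warning "Expected one adapter with a default gateway (External); found $($withGateway.Count)."
}
if ($internal.Count -eq 0) {
    Write-Warning "No adapter has an address inside $InternalStart-$InternalEnd."
}
foreach ($r in $internal) {
    if ($r.Gateway) {
        Write-Warning "Internal adapter '$($r.Adapter)' has a default gateway set."
    }
}
```

No warnings means one adapter holds the default gateway and the adapter inside the declared internal range has none.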

The next step is to “Configure system settings”.

Click “Next” to continue and then confirm the “Host Identification” settings. Note once again that this server is a member of a workgroup and is not part of the domain. Click “Next”.

Click “Finish” to complete the system configuration wizard.

The final step is to “Define deployment options”.

Click “Next” to continue and on the “Microsoft Update Setup” screen, select the appropriate setting and click “Next”.

Activate the relevant licenses and features and click “Next”.

On the “NIS Signature Update Settings” screen, select the appropriate setting and click “Next”. If in doubt, just leave the defaults.

Would you like to join the “Customer Experience Improvement Program”? Make your selection and click “Next”. Then decide if you would like to participate in the “Microsoft Telemetry Reporting Service”, make your selection and click “Next”.

Click “Finish” to complete the deployment wizard.

You have now completed the “Getting Started Wizard”.

To summarise, in this part of the series I installed TMG 2010 and then proceeded to perform some basic configuration. In the next part of the series, I’ll configure our email policy and create a new Edge Subscription.